Brunnhilde 1.9.0

Brunnhilde 1.9.0 will be the last Brunnhilde release (with the exception of bugfix patch releases) to support Python 2, which hit end of life on January 1, 2020. The next major release of Brunnhilde is anticipated to be a significant rewrite.

Functional changes

Brunnhilde 1.9.0 includes a number of code quality and readability improvements, as well as:

• A new simpler syntax for calling Brunnhilde: brunnhilde.py source destination. The old API (brunnhilde.py source destination basename) is officially deprecated but will continue to be supported for API stability.
• New stylings for the HTML report, which no longer require Bootstrap or any external JavaScript or CSS dependencies. This removes the need for an internet connection or for caching asset files locally.
• A new properly-formatted "Virus report" section of the HTML report with its own link in the navigational bar.
• Improved "Duplicates", "Warnings", and "Errors" sections of the HTML report.
• Improving terminal logging, using Python's built-in logging module.
• Better handling of output directories. If the output directory already exists, Brunnhilde will now quit with a warning unless the-o/--overwrite option is provided.
• Support for running bulk_extractor on Windows.

New features

• The new --stdin and --csv options enable Brunnhilde to use a Siegfried CSV file as input from either piped stdin or a file, respectively, if the source being analyzed is a directory (issue #1).
• The new --hfs_partition and --hfs_fsroot options enable users to specify a partition number or POSIX path to unhfs to specify which files should be extracted from HFS disk images (issue #45, with thanks to Brian Dietz, NCSU Libraries).
• The new --regex option enables users to pass a regular expressions file to bulk_extractor to have bulk_extractor search for custom patterns (with thanks to Joe Carrano, MIT Libraries, #49).

Bugfixes

• Close connections before deleting the sqlite database (#48).
• Empty CSV files are no longer written to the csv_reports directory.